6:1 Cloud Computing

Question 1

3 goals of securing the cloud

Answer 1

Confidentiality, Integrity, Availability of assets

Question 2

Cloud Computing

Answer 2

Delivering computing resources to a remote customer over a network

Question 3

Cloud Service Provider

Answer 3

Offers cloud computing service for sale to third parties, responsible for building and maintaining service offerings (internally or outsourcing)

Question 4

Cloud Customers

Answer 4

Purchases cloud computing services from one/more providers

Question 5

Cloud Service Partner

Answer 5

Provides add-on services to a cloud product (i.e. facilitating infrastructure)

Question 6

CASB

Answer 6

Cloud Access Security Broker, Provides IAM services

Question 7

On-Demand Self-Service Computing

Answer 7

Available when you need it

Question 8

Scalability

Answer 8

As demand increases, can increase capacity

Question 9

Horizontal Scaling

Answer 9

Adding more servers to pool to meet demand

Question 10

Vertical Scaling

Answer 10

Adding more resources to existing servers to meet increased demand

Question 11

Elasticity

Answer 11

Capable of expanding/contracting capacity quickly

Question 12

Broad Network Access

Answer 12

Anytime, anywhere access

Question 13

Measured Service

Answer 13

Everything done on cloud is measured, to ensure customer only pays for what is used

Question 14

Multitenancy

Answer 14

Shared computing resources for different clients

Question 15

Isolation

Answer 15

Actions of 1 user don’t impact the actions of another

Question 16

Oversubscription

Answer 16

Cloud service providers can oversell their resource capabilities as the users have variable resource demands.

Question 17

Resource Pooling

Answer 17

CPU and memory shared/can be reassigned among users

Question 18

Cost-Benefit Analysis

Answer 18

Lists benefits and their corresponding costs of a decision

Question 19

Intangible Benefits

Answer 19

Those that cannot be measured directly - scalability improvements, faster access to emerging technologies, increased productivity

Question 20

MSPs

Answer 20

Managed service providers - offer information technology services to customers

Question 21

MSSPs

Answer 21

Managed security service providers - must be carefully monitored (i.e. managing an entire security infrastructure, log monitoring)

Question 22

Security as a Service

Answer 22

Subcategory of MSSP

Question 23

CASBs

Answer 23

Cloud access security brokers - add a third-party security layer to the interactions that users have with other cloud services

Question 24

CASB methodologies

Answer 24

Network Based - Sits between user and cloud service, monitoring for security issues and blocking requests
API-Based - Queries the cloud service via AP regularly to monitor for issues, sits on the cloud, but cannot real-time block requests.